Learn how you can launch a Microsoft SharePoint 2010 server farm for a public facing website on Amazon Web Services (AWS) cloud infrastructure in 6 simple steps. This article provides all the necessary resources, including easy-to-launch AWS CloudFormation sample templates, and instructions on how to create Amazon Machine Images (AMIs) so that you can launch a fully functional highly-available Microsoft SharePoint 2010 server farm on AWS.

New! Got stuck? Switch to the video series. We have recorded these steps in a complete step-by-step video series for you.

Whether it's a single server SharePoint Foundation solution or a full featured SharePoint web application running on a multi-tiered SharePoint server farm designed for high availability (HA), Amazon Web Services (AWS) provides a complete set of services and tools for deploying Microsoft Windows based workloads, including Microsoft SharePoint Server, on its reliable, scalable and cost-effective cloud infrastructure.

We recommend that you read the Microsoft SharePoint Server on AWS Reference Architecture whitepaper, which describes in detail common reference architectures for different SharePoint Server deployment scenarios (primarily, public-facing Internet website and Intranet application). In this article, you will learn how you can launch a Microsoft SharePoint 2010 server farm for the public facing web site scenario. We provide all the necessary resources, including easy-to-launch AWS CloudFormation sample templates, and instructions on how to create Amazon Machine Images so you can launch the fully functional sample stack using the AWS Management Console. If you would like to customize the provisioning and configuration steps, we also provide these resources (templates) in download form, and have published an advanced guide so you can customize the templates to your needs and deploy them in the cloud repeatedly and reliably using AWS CloudFormation and other tools such as Windows PowerShell or the command line tools.

To launch a sample Microsoft SharePoint Server 2010 Farm for a public facing web site in the AWS cloud, all you have to do is the following:

Sign up for an AWS account (there is no charge for opening an AWS account).

Launch the network and Active Directory stack using the sample template (Template-1). This creates the necessary network configuration and Active Directory foundational infrastructure.

Launch the database stack using the sample template (Template-2). This uses a custom AMI and deploys and provisions the database tier.

Step 1. Sign Up for an AWS Account

When you create an AWS account, AWS automatically signs up the
account for all AWS services, including Amazon EC2. You are charged
only for
the services that you use. If you already have an AWS account, skip to
the next
step. If you don't already have an AWS account, use the following
procedure to
create one.

To create an AWS account, go to http://aws.amazon.com and click Sign Up Now. Follow the on-screen instructions. Part of the sign-up process involves receiving a phone call and entering a PIN using the phone keypad.

This will take you to the AWS Management Console's AWS CloudFormation stack wizard and load the sample Template-1. AWS CloudFormation is a service that provides you with an easy way to create a collection of related AWS resources and provision them in a repeatable and predictable fashion using a simple JSON template.

Figure 2: Create
Stack wizard

The AWS CloudFormation sample Template-1 will create all the necessary AWS resources, network configuration and Active Directory configuration for your SharePoint server farm deployment. Since no two SharePoint server deployments are the same and you may want to configure, for example, your network address schema to more closely align with an existing on-premises deployment or your domain administrator account and password, you will need to input or modify a few parameters before you can launch the stack. Alternatively, if you create this stack for proof of concept or demonstration purposes you can simply accept the defaults.

Creating a stack from our sample Template-1 requires you, among other things, to input an AWS Key Pair name. A key pair is a public/private key pair that allows you to securely connect to your instance after it launches. For a short tutorial on how to create a new key pair, see this YouTube video.

The sample template not only launches and provisions all the defined cloud resources (such as creating the VPC and subnets and configuring security groups), it also performs fine-grained configuration tasks on the Windows instances (such as creating the physical representation of the deployed Active Directory infrastructure by creating AD sites, subnets and site links). These configuration tasks on the instances themselves are performed using Windows PowerShell scripts. Those PowerShell scripts provide limited functionality and are not meant to represent a production ready solution. Instead, they are intentionally built as mash-ups of samples freely available on the usual PowerShell community sites and are meant as examples of how you can use AWS CloudFormation and PowerShell to reach deep into your instances at provisioning time and perform the necessary configuration steps. In all likelihood, you will want to (and can) replace the scripts with your own.

The architecture diagram (Figure 6) below shows all the
infrastructure and resources that will be
launched
behind the scenes by our AWS CloudFormation sample template.

NOTE: You can use the
sample templates discussed in this article as-is, modify them or use
them as a
starting point for your own template.

If you want to follow along and see what's happening behind the
scenes you can go to the AWS CloudFormation console
(https://console.aws.amazon.com/cloudformation),
select the stack you just launched and click the Events tab. You can
hit the
refresh button frequently to follow along in the creation process.
(Figure 4)

Figure 4: AWS
CloudFormation
Manager Console, View Events Tab

After the stack is launched, it will provide you with the Elastic
IP Addresses (EIP) of the 2 Remote Desktop Gateways (RDGW1 + RDGW2)
when you
select the Outputs Tab. You will use this IP address to connect to your
RDGW
instance and then to your Domain Controller to see if all
configurations have been performed correctly or to perform additional
Active
Directory or DNS configuration tasks. (Figure 5)

Figure 5: AWS
CloudFormation Manager Console, View Outputs Tab

At the end of this step, you will have the following resources of
our architecture launched:

Before we can move on and launch the next stack, which will deploy
SQL Server 2008 R2 Standard Edition as the database for our database
tier, we have to perform a handful of manual steps to create
our own
CloudFormation-enabled Microsoft SQL Server Standard
2008 R2 AMI. This will enable us to use AWS CloudFormation and Windows
PowerShell to
configure the database for our
SharePoint Server farm.

The current SQL AMIs published by AWS are not CloudFormation-enabled. In order to use a standard SQL AMI in our scripted infrastructure deployment, we will have to create a SQL AMI that runs the EC2Config Service and the CFN Helper scripts. The steps to create such an AMI are as follows:

Start with the latest AWS published SQL 2008 R2
AMI

Launch the instance as a standalone instance (any instance type larger than t1.micro works).

Use Sysprep from
within the EC2Config app to bundle everything up. (Figure 7) Wait until
the
instance shows up as *STOPPED* in the AWS Management Console

Figure 8: Amazon EC2
Console - Create Image (EBS AMI)

Create the AMI image using the AWS EC2
Management Console (Figure 8)

If you haven't done so already, now you should quickly look up and write down the ID of the CloudFormation-enabled SQL AMI. We will need this ID in our next step below. To look up the AMI ID we navigate to the EC2 Console and then AMIs and take note of the AMI ID.

Figure 9: Amazon EC2 Console: Amazon Machine Images

Now that you have created your CloudFormation-enabled SQL Server 2008 R2 Standard Edition AMI you are ready to move
on to the
next step and click the "Launch Stack" button to deploy and provision
the
database tier.

This will take you to the AWS Management Console's AWS
CloudFormation Stack Wizard and load the sample Template-2.

The AWS CloudFormation sample Template-2 will launch the database
stack into the previously deployed networking and Active Directory
infrastructure
and join the Database Server to the domain. In addition to the
previously recorded
SQL AMI ID, you will need to look up the following IDs in
the VPC console and input them into the template.

VPC ID

SQL Server Security Group ID

Domain Member Security Group ID

SQL Server Subnet ID

Figure 10: Create
Stack wizard:
review and modify parameters

In addition to the volume that holds the operating system, your SQL instance will have multiple volumes attached, one for the SharePoint database files and one for the log files. This follows in part Microsoft's recommendations for mitigating any potential IO contention. (NOTE: The drive letters for the database (D:\) and log file (E:\) volumes are fixed per the sample template but you can modify the directory name.) You also want to ensure consistent SQL Server IO performance that is in line with the desired performance profile of your SharePoint Application. Therefore, sample Template-2 creates volumes provisioned with a specific number of I/O operations per second (IOPS). These Provisioned IOPS volumes can be attached to special "EBS-optimized" instance types. Currently, the following instance types can be launched as EBS-optimized instances:

Large (m1.large)

Extra Large (m1.xlarge)

High-Memory Quadruple Extra Large (m2.4xlarge)

Sample Template-2 also executes a PowerShell script that creates a SQL login for the SharePoint farm administrator account and adds this login to the dbcreator and securityadmin roles, as required for a successful SharePoint configuration.
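The login and role setup described above, as an added PowerShell example (not the script shipped with Template-2): it creates the Windows login if needed, adds only the two roles the article names, and reports any other server roles the account already holds. The function name is hypothetical, and the server and account names in the usage comment are placeholders.

```powershell
# Added example, not the script from Template-2.
function Grant-SharePointFarmLogin {
    param(
        [Parameter(Mandatory=$true)][string]$SqlServer,    # SQL Server NetBIOS name
        [Parameter(Mandatory=$true)][string]$FarmAccount   # DOMAIN\account of the farm administrator
    )
    # The account name travels as a parameter and is wrapped with QUOTENAME, so it is
    # never concatenated into the statement as raw text.
    # sp_addsrvrolemember is the SQL Server 2008 R2 procedure for server role membership.
    $tsql = @'
IF NOT EXISTS (SELECT 1 FROM sys.server_principals WHERE name = @login)
BEGIN
    DECLARE @sql nvarchar(400) = N'CREATE LOGIN ' + QUOTENAME(@login) + N' FROM WINDOWS';
    EXEC (@sql);
END;
EXEC sp_addsrvrolemember @loginame = @login, @rolename = N'dbcreator';
EXEC sp_addsrvrolemember @loginame = @login, @rolename = N'securityadmin';
SELECT r.name
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS p ON p.principal_id = m.member_principal_id
WHERE p.name = @login;
'@
    $connString = "Server=$SqlServer;Database=master;Integrated Security=SSPI"
    $conn = New-Object System.Data.SqlClient.SqlConnection $connString
    $roles = @()
    try {
        $conn.Open()
        $cmd = $conn.CreateCommand()
        $cmd.CommandText = $tsql
        [void]$cmd.Parameters.AddWithValue('@login', $FarmAccount)
        $reader = $cmd.ExecuteReader()
        while ($reader.Read()) { $roles += $reader.GetString(0) }
    }
    finally {
        $conn.Dispose()
    }
    # Compare what the login holds with what SharePoint setup needs.
    # Microsoft's guidance is to treat securityadmin as equivalent to sysadmin,
    # so any role beyond these two is worth reviewing and removing.
    $required = 'dbcreator', 'securityadmin'
    New-Object PSObject -Property @{
        Login      = $FarmAccount
        Roles      = $roles
        Missing    = @($required | Where-Object { $roles -notcontains $_ })
        Unexpected = @($roles | Where-Object { $required -notcontains $_ })
    }
}

# Usage (placeholder names, run as a SQL Server administrator from a domain-joined host):
# Grant-SharePointFarmLogin -SqlServer 'SQL1' -FarmAccount 'EXAMPLE\spfarmadmin'
```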

After the stack is launched (CREATE_COMPLETE), it will provide
you with the SQL Server NetBIOS name. You will use this NetBIOS name to
connect
from your RDGW instance to your SQL server to see if all configurations
have
been performed correctly or to perform additional SQL server
configuration
tasks. In Step 6 you will also use the SQL Server NetBIOS name when you
configure your SharePoint Server Farm and connect from your APP and WFE
servers
to the SQL server.

At the end of this step you will have the following resources of
our architecture launched:

For both the App Server and the Web Front End Servers, we need to create our own Windows Server AMI that holds the raw (uninstalled) SharePoint bits and the SPModule. The steps for creating such an AMI are as follows:

On the launched instance, download the SPModule.zip file from here and extract it to C:\Windows\System32\WindowsPowerShell\v1.0\Modules\SPModule.

Figure 13: Extracted SPModule location

Create/Edit the PSModulePath in the System Variables to point to the location where you copied the files in Step 4.

Figure 14: Configure System Variables

After that, manually reset the UserData flag in C:\Program Files\Amazon\Ec2ConfigService\Settings\Config.xml:

<Name>Ec2HandleUserData</Name>

<State>Enabled</State>

Use Sysprep from within the EC2Config app to bundle everything
up. Wait
until the instance shows up as *STOPPED*
in the management console.

Create the AMI image using the AWS Management Console.
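The Config.xml step in the procedure above can be scripted and checked before Sysprep runs. The following PowerShell is an added example, not part of the original article or of EC2Config; the function name is hypothetical, and it assumes the Plugins/Plugin layout used in the constructed sample file it writes to the temp directory.

```powershell
# Added example: set Ec2HandleUserData to Enabled and confirm it from disk.
function Enable-Ec2UserDataPlugin {
    param([Parameter(Mandatory=$true)][string]$ConfigPath)

    # XmlDocument.Load resolves relative paths against the process directory,
    # so hand it a fully resolved path.
    $fullPath = (Resolve-Path $ConfigPath).ProviderPath
    $xml = New-Object System.Xml.XmlDocument
    $xml.PreserveWhitespace = $true
    $xml.Load($fullPath)

    $state = $xml.SelectSingleNode("//Plugin[Name='Ec2HandleUserData']/State")
    if ($null -eq $state) {
        throw "No Ec2HandleUserData plugin entry with a State element in $fullPath"
    }
    $before = $state.InnerText
    if ($before -ne 'Enabled') {
        Copy-Item $fullPath "$fullPath.bak" -Force   # keep the previous file
        $state.InnerText = 'Enabled'
        $xml.Save($fullPath)
    }

    # Re-read the file so the result reflects what is on disk, not what is in memory.
    $check = New-Object System.Xml.XmlDocument
    $check.Load($fullPath)
    $after = $check.SelectSingleNode("//Plugin[Name='Ec2HandleUserData']/State").InnerText
    New-Object PSObject -Property @{ Path = $fullPath; Before = $before; After = $after }
}

# Constructed sample file (assumed layout) so the function can be tried off-instance.
$sample = Join-Path ([IO.Path]::GetTempPath()) 'Config.sample.xml'
@'
<?xml version="1.0" standalone="yes"?>
<Ec2ConfigurationSettings>
  <Plugins>
    <Plugin>
      <Name>Ec2SetPassword</Name>
      <State>Disabled</State>
    </Plugin>
    <Plugin>
      <Name>Ec2HandleUserData</Name>
      <State>Disabled</State>
    </Plugin>
  </Plugins>
</Ec2ConfigurationSettings>
'@ | Set-Content -Path $sample -Encoding UTF8

Enable-Ec2UserDataPlugin -ConfigPath $sample
```

On the instance itself, pass the Config.xml path given in the step above instead of the sample file.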

At this point in the process you have launched the resources that make up your network & security infrastructure and your Active Directory and database. Besides small, individual configurations like adding a SharePoint Farm Administrator account or creating a login for that account on your SQL Server database, the infrastructure and resources we have launched so far are not specific to SharePoint. They could easily be the backbone for a Microsoft Windows based 3-tier application of any scale.

After the completion of this step you have taken the first
of the final 3 steps that make this a SharePoint Server Farm running on
the AWS
cloud. To proceed, click the "Launch Stack" button.

This will take you to the AWS Management Console's AWS
CloudFormation stack wizard and load the sample Template-3.

The AWS CloudFormation sample Template-3 will launch the APP server stack into the previously deployed networking, Active Directory and database infrastructure and join the APP server to the domain. Just as you looked up IDs when launching the SQL Server stack, you need to look up the following IDs in the VPC console and input them into the template.

VPC ID

APP Server Security Group ID

Domain Member Security Group ID

APP Server Subnet ID

This deploys a Windows Server 2008 R2 Amazon EC2 instance and installs SharePoint Server 2010 for Internet Sites - Enterprise on your APP server. You will have to provide your own license key (BYOL) or, for a trial or test installation, get the Trial PID Key directly from the Microsoft SharePoint Trial Site at http://www.microsoft.com/en-us/download/details.aspx?id=16631. Please note that you are responsible for complying with Microsoft's requirements for your use of the SharePoint 2010 trial. Microsoft may discontinue or change the requirements around the SharePoint 2010 trial at any time. Refer to Microsoft's License Mobility through Software Assurance program for further details on how you can bring your mobilized SharePoint license into the deployment process.

Figure 15: Providing
your own
license key (BYOL)

After the stack is launched (CREATE_COMPLETE), it will provide
you with the APP Server NetBIOS name. You will use this NetBIOS name to
connect
from your RDGW instance to your APP server to see if all configurations
have
been performed correctly. In Step 6 you will log into the APP server
using its NetBIOS
name when you create and configure your SharePoint server farm Central
Administration site.

If your deployment and desired farm capacity require it, you can repeat step 5 and launch additional APP servers to create App Server groups, either by launching additional App server stacks into the same subnet or, taking advantage of the provided high availability infrastructure, into a subnet in the second Availability Zone (AZ). To accomplish this, all you have to do is look up the APP server subnet ID in the VPC console and provide it as input to the template.

At the end of this step you will have the following resources of
our architecture launched:

Now that you have built your stack from the bottom up, launched
the resources that make up your network and security infrastructure,
your
Active Directory and database plus your SharePoint APP server, you
will
complete the installation of the SharePoint Server Farm by launching 2
Web
Front End (WFE) servers (1 per Web tier in each Availability Zone).

This will take you to the AWS Management Console's AWS
CloudFormation stack wizard and load the sample Template-4.

The AWS CloudFormation sample Template-4 will launch the WFE server stack into the previously deployed networking, Active Directory, database and APP server infrastructure and join the two WFE Servers to the domain. Just as you looked up IDs when you launched the SQL and APP server stacks, this will require you to look up the following IDs in the VPC console and input them into the template.

VPC ID

WFE Server Security Group ID

Domain Member Security Group ID

WFE1 Server Subnet ID

WFE2 Server Subnet ID

DMZ1 Subnet ID (Required to launch the Elastic Load Balancer)

DMZ2 Subnet ID (Required to launch the Elastic Load Balancer)

Load Balancer Security Group ID

This deploys 2 Windows Server 2008 R2 EC2 instances and installs SharePoint Server 2010 for Internet Sites - Enterprise on your WFE servers using your own license key (BYOL) or, for a trial or test installation, a Trial PID Key. (Please refer to Microsoft's License Mobility through Software Assurance program for further details on how you can bring your mobilized SharePoint license into the deployment process.) It also deploys and configures an Elastic Load Balancer (ELB) which will balance traffic between your WFE servers.

At the end of this step you will have the following resources of
our architecture launched:

Figure 17:
Architecture
implemented at the completion of step 5

Step 6. Configure the SharePoint Server Farm

After you have launched the complete stack, you need to
configure your SharePoint Farm. It is outside the scope of this article
to
discuss the many configuration options that SharePoint supports.
However, for
the purpose of creating a simple proof of concept (POC) or
demonstration setup,
you will need to perform the following configuration steps:

On the APP Server:

Run the SharePoint Products and Technologies Configuration Wizard.

Create a new server farm.

On the WFE1 Server:

Run the SharePoint Products and Technologies Configuration Wizard.

Connect to an existing farm.

Launch the Farm Configuration Wizard.

Create a Site Collection.

On the WFE2 Server:

Run the SharePoint Products and Technologies Configuration Wizard.

Connect to an existing farm.

In Step 6 of the advanced guide you will find more detailed, step-by-step instructions that will guide you through the minimum setup steps required to configure a functional SharePoint Team Site. After that you are ready to connect to your SharePoint site using the IP address of the Elastic Load Balancer (ELB).

How Much Is It Going to Cost to Run This Sample Site on AWS?

AWS offers significant savings over hosting the same application
on-premises. It provides you with the flexibility to choose between
different instance type configurations (such as Small,
Medium, Large...), plus you can choose numerous combinations of
On-Demand
and Reserved Instances that match your usage projections. It also
offers a wide range of Reserved Instance types (Light, Medium and
Heavy Utilization) that allow you to save more money as you become more
certain of
individual instance utilization.

You can use the AWS Simple Monthly Calculator to input your capacity requirements and estimate your costs. We have made a few assumptions and have provided a sample calculation for the deployment configuration discussed earlier, which assumes 3-Year Heavy Utilization Reserved Instances.

Under those assumptions, the total cost of running this sample site (see the Resources section for the deployment configuration and setup) on AWS will be approximately $3,250/month, amortized over a 3-year period (includes Windows and SQL Server License). If the architecture can support approximately 500 concurrent users, the cost will be approximately $6.5 per User per Month. We recommend that you adjust these assumptions based on your own business requirements.

How Can I Modify the Sample AWS CloudFormation Templates?

With Amazon EC2, you have complete control of your compute environment. For
further details and additional information on how to modify the four
AWS CloudFormation templates provided with this article, please
read the advanced
guide. The advanced guide describes
the contents of the AWS CloudFormation templates and PowerShell scripts so
you can configure the
various infrastructure details, such as compute instance types,
provisioned storage,
security,
and networking controls.